Google adds new features to BeyondCorp Enterprise security platform

Devdiscourse News Desk | California | Updated: 21-08-2021 15:51 IST | Created: 21-08-2021 15:51 IST

Back in January 2021, Google announced BeyondCorp Enterprise, a zero trust solution that enables secure access with integrated threat and data protection. The Silicon Valley giant has now introduced three new features to the security platform, making it easier for its customers to provide users with simple and secure access to key applications.

Firstly, Google has announced the general availability of certificate-based access for GCP APIs via VPC Service Controls (VPC-SC). Using certificate-based access protects against credential theft or accidental exposure by only granting access when both credentials and the original device certificate are presented.

Google currently offers native support for client certificates for eight types of VPC-SC resources:

  • GCE
  • GKE
  • PubSub
  • Spanner
  • Cloud KMS
  • GCS
  • BigQuery
  • Logging

Secondly, customers can now secure an HTTP- or HTTPS-based on-premises app outside of Google Cloud with Identity-Aware Proxy (IAP) by deploying an IAP connector. When a request is sent to an on-premises app, IAP authenticates and authorizes the user request and then routes it to the connector. The IAP connector forwards the request from Google Cloud to the on-premises network via a site-to-site connection established with Cloud Interconnect.

Thirdly, more zero trust access conditions are now available in Access Context Manager, the zero trust policy engine behind BeyondCorp Enterprise. The ability to leverage new attributes - Time and Date, Credential strength and Chrome browser - gives admins even more ways to build fine-grained access control policies to safeguard their applications and Google Cloud resources.

  • Time and Date: The time and date restriction is a feature for enterprise customers to enable access controls based on specific times, dates, and/or ranges.
  • Credential strength: By leveraging credential strength as another condition in access control policies, enterprises can enforce access controls based on the usage of hardware security keys or other forms of multi-factor authentication.
  • Chrome Browser: Admins can set zero trust policies to ensure that the users are accessing resources from secure environments,